Wietse Venema via Postfix-users wrote in
<[email protected]>:
|John Stoffel via Postfix-users:
|>>>>>> "Wietse" == Wietse Venema via Postfix-users <[email protected]\
|>>>>>> rg> writes:
|>> John Stoffel:
|>>>>>>>> "Wietse" == Wietse Venema via Postfix-users <postfix-users@postfix\
|>>>>>>>> .org> writes:
...
|>>> Is there any simple way to do this for a regular postfix setup where I
|>>> need to forward some emails to a gmail.com or other account?
|>
|>> It may be possible with a Milter in the mail receiving path. Sort-of
|>> the opposite of what I described for undoig DMARC.
|>
|>> Otherwise, 'forward as an attachment' is a common mail reader
|>> feature.
...
|So you want to forward some messages with DMARC mitigation (From:
|header address in your domain, which address would that be?), with
|a new envelope address in your domain (same as From: header?), with
|a new DKIM signature on behalf of your domain, and blessed by your
|SPF policy.
|
|That may be possible with a 'null' SMTP-based content filter (a
|Postfix SMTP client thath connects directly to a Postfix SMTP server)
|and one or more after-filter Milters that implement the DMARC header
|mitugation, SPF sender envelope mitigation, and that sign with DKIM.
|
|Untested example:
...
|An alternative would be to deliver email for gmail.com etc. to a
|program (new code) that generates a new message with the original
The development version of the MUA i maintain can be spliced into
a single-message-MBOX or single-message-EML file/pipe like
cat zz.mbox |
s-nail -#:/ -R -S mta=test -S forward-as-attachment \
-Y 'forward . test@dom' \
# -Y 'Hey buddy!' \
-f - \
> z.mbox
and if zz.mbox is only your message then z.mbox starts like
From steffen Thu Oct 24 02:03:59 2024
Date: Thu, 24 Oct 2024 02:03:59 +0200
To: test@dom
Subject: Fwd: [pfx] Re: From/Reply-To munging (was Postfix in
containers/kubernetes)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=-=Ev7ueScSdx9dMCMHn5k66zMqhtgG-S_9L6vU=-="
Status: R
[-- #1.1 135/5509 --]
Content-Disposition: inline
Content-Type: message/rfc822
Content-Description: Forwarded message
From [email protected] Thu Oct 24 01:23:18 2024
With that buddy line uncommented you get
[-- #1.1 5/94 text/plain, 7bit, us-ascii --]
Hey buddy!
[-- #1.2 135/5509 message/rfc822 --]
[-- Forwarded message --]
instead.
I am sure there is other software, and that is also "new code" (as
in, unreleased until Christmas .. hopefully).
|as an attachment. Then, you can reuse the DKIM signing code that
|already exists for local submissions.
I have no idea how web mail clients and such are capable of
dealing with such message/rfc822 attachments though.
It would be interesting to know, as mailman offers this since
ever, but noone really used it. The Plan9 people had a time when
they quote-as-attachment (still at least one), but other than
that.
This is what i call user interface issue. It has always been an
error, maybe it will get better with
draft-ietf-lamps-header-protection, but then again this monster is
683847 bytes as of last week, and i abbreviated it on the
mutt-devel list as
But i thing we refer to different drafts now. I think you are all
talking about draft-autocrypt-lamps-protected-headers-02, whereas
i was at draft-ietf-lamps-header-protection-20.txt, and i find
that terribly and needlessly excessive. Note it also talks about
a future deprecation of any non-protected messages, which i find
too anticipatory, and needlessly so, too.
#?0|kent:rfc$ wc -l draft-autocrypt-lamps-protected-headers-02.txt
3864 draft-autocrypt-lamps-protected-headers-02.txt
#?0|kent:rfc$ wc -l draft-ietf-lamps-header-protection-20.txt
11200 draft-ietf-lamps-header-protection-20.txt
I mean, basically, isn't that just "duplicate the most important
headers of RFC 5322 into the signed part", aka "move practically
anything useful out of the main header, and place it within the
encrypted first multipart" (aka as via S/MIME and the Melnikov
draft) for generation, and "if you understand cryptographic
signatures and decrypting, use any such headers as the main
instances, and best if you somehow make that warp visible".
Which makes up six lines in this email.
The latter draft i find an overly complicated thing.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
